- The filtering configuration should be applied to routers R3 and R5.
ORF, or outbound route filtering, is a technique that allows a BGP peer to “push” a filter to the remote neighbor. The neighbor then applies the prefix filter to the outbound updates sent to the peer that pushed the filter. This feature is particularly helpful when BGP peers exchange large amounts of BGP information. Applying filtering outbound on the remote peer instead of inbound on the local peer significantly decreases the amount of routing information sent across the link. There are two types of ORF filters defined in IETF’s draft – prefix-list based and community based. Cisco IOS supports only the prefix-list ORFs.
In BGP terms, ORF is a special capability negotiated during the establishment of a BGP session. A peer may advertise its willingness to send ORFs, to receive them, or both. You have to enable this capability on the peering routers prior to configuring ORFs. The command to enable the feature on IOS routers is:
neighbor <IP> capability orf prefix-list {send|receive|both}
You need to reset the BGP session in order to negotiate the new capabilities.
To configure and push an ORF, you need to define a prefix list and apply it to the peer’s session using the command:
neighbor <IP> prefix-list <NAME> in
The list must be inbound, as this is the natural direction for ORF. If the session has the ORF send capability enabled, the list will be pushed to the remote peer and installed as an outbound filter after you do a session refresh using:
clear ip bgp <IP> soft in prefix-filter
This command pushes the prefix list and requests a route refresh (re-advertisement) from the peer.
Configuration:
R1:
router bgp 100
neighbor 155.1.13.3 capability orf prefix-list both
R4:
router bgp 100
neighbor 155.1.45.5 capability orf prefix-list both
R3:
ip prefix-list ORF deny 112.0.0.0/8
ip prefix-list ORF deny 114.0.0.0/8
ip prefix-list ORF permit 0.0.0.0/0 le 32
!
router bgp 200
neighbor 155.1.13.1 capability orf prefix-list both
neighbor 155.1.13.1 prefix-list ORF in
R5:
ip prefix-list ORF deny 112.0.0.0/8
ip prefix-list ORF deny 114.0.0.0/8
ip prefix-list ORF permit 0.0.0.0/0 le 32
!
router bgp 200
neighbor 155.1.45.4 capability orf prefix-list both
neighbor 155.1.45.4 prefix-list ORF in
Verification:
Rack1R3#show ip bgp neighbors 155.1.13.1
BGP neighbor is 155.1.13.1, remote AS 100, external link
Fall over configured for session
Administratively shut down
BGP version 4, remote router ID 0.0.0.0
BGP state = Idle
Last read 00:00:33, last write 00:00:33, hold time is 180, keepalive interval is 60 seconds
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 2 2
Notifications: 0 0
Updates: 46 90
Keepalives: 165 165
Route Refresh: 0 0
Total: 213 257
Default minimum time between advertisement runs is 30 seconds
For address family: IPv4 Unicast
BGP table version 281, neighbor version 0/0
Output queue size : 0
Index 3, Offset 0, Mask 0x8
3 update-group member
Inbound soft reconfiguration allowed
AF-dependant capabilities:
Outbound Route Filter (ORF) type (128) Prefix-list:
Send-mode: advertised
Receive-mode: advertised
Inbound path policy configured
Outbound path policy configured
Incoming update prefix filter list is ORF
Route map for incoming advertisements is FROM_R1
Route map for outgoing advertisements is TO_R1
Sent Rcvd
Prefix activity: ---- ----
Prefixes Current: 0 0
Prefixes Total: 0 0
Implicit Withdraw: 0 0
Explicit Withdraw: 0 0
Used as bestpath: n/a 0
Used as multipath: n/a 0
Outbound Inbound
Local Policy Denied Prefixes: -------- -------
Total: 0 0
Number of NLRIs in the update sent: max 10, min 0
Connections established 2; dropped 2
Last reset 00:17:05, due to Admin. shutdown
No active TCP connection
Rack1R1#sho ip bgp neighbors 155.1.13.3 received prefix-filter
Address family: IPv4 Unicast
ip prefix-list 155.1.13.3: 3 entries
seq 5 deny 112.0.0.0/8
seq 10 deny 114.0.0.0/8
seq 15 permit 0.0.0.0/0 le 32
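The verification step can also be scripted. The following is an added example, not part of the original lab: it parses R3's configured list and the filter R1 reports as received, confirms they are identical, and evaluates which routes R1 would still send under IOS prefix-list matching rules. The function names and the candidate routes are assumptions constructed for illustration.

```python
import ipaddress
import re

# Accepts "ip prefix-list NAME deny P" config lines and the "seq N deny P"
# lines printed by "show ip bgp neighbors <IP> received prefix-filter".
ENTRY = re.compile(r"(permit|deny)\s+(\S+/\d+)(?:\s+ge\s+(\d+))?(?:\s+le\s+(\d+))?\s*$")

def parse_prefix_list(text):
    """Return ordered (action, network, min_len, max_len) entries."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.search(line.strip())
        if not m:
            continue
        action, net, ge, le = m.groups()
        net = ipaddress.ip_network(net)
        if ge is None and le is None:
            lo = hi = net.prefixlen          # no ge/le: exact length only
        else:
            lo = int(ge) if ge else net.prefixlen
            hi = int(le) if le else 32
        entries.append((action, net, lo, hi))
    return entries

def permits(entries, route):
    """First match wins; a prefix list ends with an implicit deny."""
    route = ipaddress.ip_network(route)
    for action, net, lo, hi in entries:
        if route.subnet_of(net) and lo <= route.prefixlen <= hi:
            return action == "permit"
    return False

def orf_report(local_cfg, received_show, routes):
    """(pushed filter equals local list?, routes the peer still sends)."""
    local = parse_prefix_list(local_cfg)
    received = parse_prefix_list(received_show)
    return local == received, [r for r in routes if permits(received, r)]

R3_CONFIG = """ip prefix-list ORF deny 112.0.0.0/8
ip prefix-list ORF deny 114.0.0.0/8
ip prefix-list ORF permit 0.0.0.0/0 le 32"""
R1_RECEIVED = """ip prefix-list 155.1.13.3: 3 entries
seq 5 deny 112.0.0.0/8
seq 10 deny 114.0.0.0/8
seq 15 permit 0.0.0.0/0 le 32"""
# Constructed candidate routes, not taken from the page.
ROUTES = ["112.0.0.0/8", "114.0.0.0/8", "113.0.0.0/8", "112.1.0.0/16"]
if __name__ == "__main__":
    print(orf_report(R3_CONFIG, R1_RECEIVED, ROUTES))
```

Note that 112.1.0.0/16 is still sent: the deny entries carry no le keyword, so they match only the exact /8 and any more-specific route falls through to the final permit.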